Sistemagpweb: >> Gpweb Security Vulnerabilities
SQL injection vulnerability in Password Recovery in GPWeb 8.4.61 allows remote attackers to execute arbitrary SQL commands via the "checkemail" parameter.
CVSS Score
9.8
EPSS Score
0.005
Published
2017-12-19
Unrestricted File Upload vulnerability in GPWeb 8.4.61 allows remote authenticated users to upload any type of file, including a PHP shell.
CVSS Score
7.2
EPSS Score
0.011
Published
2017-12-19
Insecure Permissions vulnerability in db.php file in GPWeb 8.4.61 allows remote attackers to view the password and user database.
CVSS Score
9.8
EPSS Score
0.003
Published
2017-12-19